Sumit Gupta, CEO of Indian Crypto Exchange Coindcx, has linked the recent $ 44 million security breach of the platform to a targeted social engineering attack.
In a statement of 31 July shared via X (formerly Twitter), Gupta said that early findings indicate that the exploit may have resulted in manipulation tactics to gain unauthorized internal access. He explained that these attacks are often involved in misleading employees to jeopardize sensitive systems or references.
According to him:
“Based on our internal provisional findings, this seems like an advanced attack in the field of social engineering. Of course, employees of a company in these attacks are the target to gain illegal access to internal systems of an organization.”
This confirms reports from Indian media that suggest that a coindcx employee may have played a key role, knowingly and knowingly or negligent. According to The Times of India, the police in Bengaluru Rahul Agarwal held up, a coindcx software engineer, whose internal references were reportedly abused during the infringement.
The report claims that the attacker started a small USDT transaction of $ 1 of the employee’s account as a test before he continues with the larger theft of $ 44 million. Authorities investigate whether the staff member was complicit or compromised in the attack.
In the meantime, Gupta has not provided any further information about the investigation. Instead, he said:
“Since this is an ongoing investigation, we unfortunately cannot get in touch with the media or the public. We want to ensure that the integrity of the process is maintained and fully collaborate with the authorities.”
Social Engineering Attacks
Social engineering attacks continue to bully the crypto industry and often circumvent technical guarantees by focusing on human behavior. Security researchers estimate that up to 98% of cyber attacks arise from a form of social engineering.
So the coindcx infringement is part of a broader trend that has been observed in the past year.
Last year, the American authorities revealed that attackers in North Korea used comparable tactics to steal $ 305 million from the Japanese DMM Bitcoin exchange. Earlier this year, Blockchain analyst also revealed Zachxbt that Coinbase users lose more than $ 300 million annually in social engineering scams.
These cases emphasize an urgent problem where even advanced cyber security measures can fail when employees are manipulated.